Nature has always been an inspiration for engineers. Early designs of airplanes incorporated the structural elements of birds, the fins of whales were the muse for wind turbines, and the incredible shelter-building capabilities of termites were the blueprints for chimneys and even energy-efficient skyscrapers. So when it comes to figuring out how to best tackle cyberattacks, why not also learn from the natural world?
That’s what IEEE Senior Member Wojciech Mazurczyk, associate professor at the Warsaw University of Technology and founder of its Cybersecurity.bio project, and Ph.D. student Elzbieta Rzeszurko set out to do. Their project takes a look at if cyberthreats such as botnets, denial-of-service attacks, and worms as well as preventative measures like firewalls and intrusion detection systems employ strategies similar to those used by plants and animals. Their research paper, “Security—A Perpetual War: Lessons From Nature,” was published in January in IEEE Computer Society’s journal IT Professional. It is available in the IEEE Xplore Digital Library.
The researchers looked to species like the bolas spider to better understand malware, a tactic to mislead people into downloading malicious code. The first step is to exploit perceptual bias. These spiders mimic the pheromones of a female moth to trick male moths into its web. The second step is to disable defensive security measures. Just like the spider, once a moth is in the web, it immobilizes the moth by injecting it with venom. Then there’s the Japanese arrowroot plant, which steals light and nutrients from trees. It’s so effective, according to the paper, that the plant was used during World War II to quickly conceal military weapons. This technique is analogous to a denial-of-service attack, making a machine or network unavailable to users, while stealing its resources.
There are, of course, examples of defensive strategies in nature too. The Mexican shrub Leucaena leucocephala secretes toxic amino acid, which stunts the growth of other nearby plants but not its own shrublings. The shrub is used to increase the yield of rice crops, but it has the opposite effect on wheat. This type of selectivity of what is and isn’t permitted inside makes for great firewall.
The masked birch caterpillar has its own intruder detection system. It responds only to the vibrations of leaves made by known enemies, while ignoring all nonrelevant signals, such as those caused by rain or wind. The caterpillar is a model for intrusion detection systems to first determine what the threat is and then take preventative measures to fend the attacker.
THE LESSON LEARNED
According to the researchers, it’s the endemic conflict of interest, whether for competitive dominance or to gain access to limited resources, present in both the natural and virtual world that make the two comparable. Animals and plants adapt their behaviors to outwit rivals. The same is true for the Internet: there are those working to secure it while others continue to find a way to break in.
For example, the murex snail develops thick shells to protect itself from crabs, but then crabs grow more powerful claws and jaws. For the Internet, software developers build antivirus programs, and then malware hackers alter the code.
According to the authors, there are two essential components of security: an ability to respond to dubious signals, cautiously, and knowledge of the aggressor’s behavior patterns. They warn, however, that in trying to predict new threats before they happen, Internet security experts are going against nature. They explain that nature reacts to threats, but it does not anticipate them. In the wild, there is no definitive countermeasure. New defense mechanisms develop only when a new threat appears.
Mazurczyk and Rzeszurko suggest researchers and security experts in search for new network attack techniques and novel defense systems should look at what goes on in the wild for inspiration. Look to the shrubs, caterpillars, mollusks, and spiders of this world. After all, we are talking about the World Wide Web.